Apply suggestions from code review

ihsinme · geoffw0 · web-flow · commit be11e4fc2d6c · 2022-03-01T12:25:57.000+03:00
Co-authored-by: Geoffrey White &lt;40627776+geoffw0@users.noreply.github.com&gt;
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-200/ExposureSensitiveInformationUnauthorizedActor.ql b/cpp/ql/src/experimental/Security/CWE/CWE-200/ExposureSensitiveInformationUnauthorizedActor.ql
@@ -1,5 +1,5 @@
 /**
- * @name Find work with the file without setting permissions.
+ * @name Writing to a file without setting permissions.
  * @description Lack of restriction on file access rights can be unsafe.
  * @kind problem
  * @id cpp/work-with-file-without-permissions-rights
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/test2.cpp b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/test2.cpp
@@ -10,7 +10,7 @@ int main(int argc, char *argv[])
 {
   FILE *fp;
   char buf[128];
-  fp = fopen("myFile.txt","w"); // BAD [NOT DETECTED]
+  fp = fopen("myFile.txt","r+"); // BAD [NOT DETECTED]
   fgets(buf,128,fp); 
   fprintf(fp,"%s\n","data to file");
   fclose(fp);

Original file line number	Diff line number	Diff line change
`@@ -10,7 +10,7 @@ int main(int argc, char *argv[])`
`10`	`10`	`{`
`11`	`11`	`FILE *fp;`
`12`	`12`	`char buf[128];`
`13`		`- fp = fopen("myFile.txt","w"); // BAD [NOT DETECTED]`
	`13`	`+ fp = fopen("myFile.txt","r+"); // BAD [NOT DETECTED]`
`14`	`14`	`fgets(buf,128,fp);`
`15`	`15`	`fprintf(fp,"%s\n","data to file");`
`16`	`16`	`fclose(fp);`